on 09-11-2008 2:21 PM
Hello,
I've exchanged certificates with a third party portal and I am now interested in sending it a message digest and a signature using PKI approach implemented through Java APIs.
in PKI the signature is generated from the public key in the keystore.
Where on the filesystem can I find SAP's keystore that holds the portal's public key and how can I access it using java code (not via Visual Admin)?
I have already read [this post|; but it doesn't really answer my question.
Rgds,
Roy
Hi Roy,
I'm also searching for the APIs available in SAP Netweaver to access Keystore so that I can exchange certificates with another application. Can you please point me to the correct APIs? Also I like to know the DCs I need to add as dependencies (Used DC) to access those APIs.
Thanks in advance,
Dipankar
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Dipankar,
Unfortunately SAP does not have any documentation for this API but luckily all you need is to retrieve the keystore object from the JNDI registry and once you got it, it is plain Java API which is documented.
Here is a sample from the code I am using now and is working.
InitialContext ctx = new InitialContext();
KeystoreManager manager = (KeystoreManager) ctx.lookup("keystore");
KeyStore keyStore = manager.getKeystore(<the view name you want to retrieve>);
// Now let's get a certificate from that view...
Certificate cert = keyStore.getCertificate(<certID>);
Make sure that your application has got authorisations to access this view.
You can control that access in the Key Storage service on VA -> Security -> and grant your code access to the relevant View.
You will need these DCs: IAIKSecurity and com.sap.security.api.
Hope it helps,
Roy
Edited by: Roy Cohen on Dec 3, 2008 11:52 AM
Hi Roy,
Thanks for the quick reply. I'm trying to use the same API you mentioned. But I'm facing the problem that KeystoreManager in the statement KeystoreManager manager = (KeystoreManager) ctx.lookup("keystore"); is not getting resolved due to missing import.
As you mentioned I can't find any DC as com.sap.security.api but there is a DC available as com.sap.security.api.sda which I've added in Used DC. Also I've added IAIKSecurity as well, as Used DC from SAP-JEE SC. I'm using Local Development in Netweaver 7.0 SP11. Can you please help?
Thanks,
Dipankar
Hi,
What don't you use jar locator then?
KeystoreManager in either of these locations:
plugins\com.sap.tc.ap_2.0.0\comp\SAP-JEE\DCs\sap.com\com.sap.engine.client.lib\_comp\gen\default\public\default\lib\java\sapj2eeclient.jar
\plugins\com.sap.tc.ap_2.0.0\comp\SAP-JEE\DCs\sap.com\com.sap.engine.deploy.online\_comp\gen\default\public\default\lib\java\sapj2eenginedeploy.jar
\plugins\com.sap.tc.ap_2.0.0\comp\SAP-JEE\DCs\sap.com\keystore_api\_comp\gen\default\public\default\lib\java\keystore_api.jar
Or, take keystore_api.jar from the server and use it.
Roy
Edited by: Roy Cohen on Dec 3, 2008 12:13 PM
Hi Roy,
Thanks a lot for your help! Now we can successfully build the project. But I also need to save a new certificate in the Keystore using the APIs. Is it possible? If so how? I can't find any createCertificate() method on the Keystore object.
I'll really appreciate your help!
Thanks,
Dipankar
Anyone...?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
82 | |
10 | |
10 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.